How to Implement a Technical Project on a Secure Platform

It's a Dangerous World of Technology

In technical projects, there is a need to specify the host computer platform which will run the set of required applications. Extensive analysis of the available systems will help to identify one which is applicable. Due to the amount of hacking in technology today, viruses, worms, spam and much more, there is a degree of risk involved on most computer choices. Popular systems may have more risk than others. Rare systems may present other challenges. Perhaps the organization already has an infrastructure that must be used, or at least considered. A perfect situation for a project manager, however, is one where the choice of implementation platforms can be determined by the team. In these cases, an extremely secure platform might be the perfect choice.

OpenVMS by HP: a Secure Computer SystemIf an application needs a truly secure implementation platform, the HP OpenVMS might be a great choice. It certainly represents a safe environment. OpenVMS, (or "VMS" as it was originally known), was designed to be a secure, multiple user operating system from its earliest release some 35 years ago. The developing company, Digital Equipment Corporation, designed this system to extend their existing models. Some of the requirements were that the new system, (VMS), had to include a diverse range of security controls on virtually every aspect of the system. Unlike many other systems, operators could establish specific rights on devices, files and processes per individual user. As well, there was a group feature built into the system. This allowed similar people, all accounting users, for example, to have the same access rights.

This ability to define security exactly was a departure from earlier systems. Some of the other platforms took a different approach. Unix, developed about 10 years before OpenVMS, considered security to be all of nothing. Users were either restricted, or they were not. If any elevated abilities were needed by a user, they had to have access to the core account which had absolute power over all parts of the computer system. Unix did implement a file protection scheme which lets users and groups control reading and writing files but this applied only to the computer disks. MSDOS, which evolved into Windows, was never meant to be a secure system. Rather, these were personal use platforms. In time, Windows evolved into Windows NT and the other multiple user versions. While these now have customizable security levels, they remain open to vulnerabilities due to design.

The Realities of Computer AttacksUnfortunately, all computer systems are at risk from hacking attacks. For various reasons, certain people insist on devising malicious programs which they send out into the technological world. These tend to exploit gaps in system security. Once in, they can destroy or substitute information or render systems useless due to overloading. Attacks are not limited to computer systems, however. Even the network connecting systems in an organization is at risk. Anti-virus programs and system updates are used to combat instances of hacking attacks. Many talented developers work diligently to reduce the damage such attacks release. Unfortunately, most of the repair work is applied to computer systems after an attack is detected. Many systems fall victim to hacking which identifies a fault. The fault is remedied by an anti-virus company or by the operating system vendor. Such remedial work is usually of limited value to those organizations that have been victimized in the first place. They are forced to rebuild their systems to an earlier configuration, one that is not infected by the malicious program. Such technical work is expensive as is the loss of application service time.

Why is OpenVMS Different?OpenVMS is largely unaffected by modern hacking attacks. There are several reasons for this fact. First, there are fewer possibilities for hacking to reach such systems. OpenVMS is a rather rare platform compared to the millions of Windows, Apple, Android and other systems. The rarity of OpenVMS means that fewer hackers bother to target it. Second, the system is generally immune to attack due to the design of the system and the standard operating practices. System accounts are well protected in most OpenVMS installations. Ordinary processes use accounts which do not have the ability to change the contents of the system disk drive. Virus attacks must have this ability or they cannot infect a system. When privileged users do use the OpenVMS systems, they tend to restrict their actions to the local machine. They rarely install programs from outside agencies. When they do, the source of the program is usually well known to the OpenVMS user.

Why has OpenVMS Remained Rare in the Computer Industry?OpenVMS has suffered from its marketing position as an alternate to the largest available computer systems. When the system was first released, it competed with large mainframe models that cost extremely high amounts. OpenVMS was poised as a less expensive option. This resulted in a bargain for organizations that wanted to save money over the cost of a mainframe. It was still expensive, compared to the price of early personal computer systems. OpenVMS saw success in the chosen market. Part of the success was due to the fact that OpenVMS ran on specialized computer hardware which was much more powerful than personal computer models. In time, the ability of basic computer systems has greatly increased. This has reduced the ability of OpenVMS to offer an inexpensive option to large organizations. Now, any company can install very cheap small computers which have far more ability than they used to have. This has narrowed the field considerably. There remain some agencies which require large mainframe computers which are still very expensive. Everyone else is able to install OpenVMS, Unix or Windows to accomplish their needs. Since Windows is usually the cheapest, most organizations choose that system.

Consider the Cost of RiskIn a technological project, risk is a very real item which has a cost. What is the risk to the organization when a computer system is attacked? What is the cost to repair such attacks? If a system is very vulnerable to attack, does it make sense to minimize the initial system cost if the ongoing operating costs are high or if a debilitating attack is likely? Instead, is it a better option for the risk planning to consider the cost of a secure OpenVMS system? This approach would be more expensive initially but would offer ongoing savings, mainly due to the fact that a system attack is extremely unlikely to occur.